I want to install docker on my ec2 instance.
sudo yum install docker -y
I came to know that this command automatically creates a group 'docker'
which has root privileges by default.so I add my ec2-user to this group to execute commands without 'sudo'.
sudo usermod -aG docker ec2-user
Now this means ec2-user has root privileges
But if I want to start the docker service,why should I use
sudo systemctl start docker
instead of simply
systemctl start docker
Above command is giving me an error:
Failed to start docker.service: The name org.freedesktop.PolicyKit1 was not provided by any .service files
See system logs and 'systemctl status docker.service' for details.
Please help!
because docker is system service so you must use sudo or run it without sudo as root user
or you can use
sudo systemctl enable docker
and after every reboot docker service will be running automatically
Related
Issue
When following the AWS guide for installing Docker (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/docker-basics.html), I'm stuck on step 8 docker info. Permission should have been added in step 6 so that ec2-user can run this without sudo, but it can't.
Error
$ docker info
-bash: /usr/bin/docker: Permission denied
Troubleshooting
I have restarted the instance, logged out and in, and stopped and started docker.
id ec2-user returns uid=1000(ec2-user) gid=1000(ec2-user) groups=1000(ec2-user),4(adm),10(wheel),190(systemd-journal),992(docker)
I've installed docker-compose and tried to change permissions in other ways:
sudo usermod -a -G sudo ec2-user
sudo setfacl -R -m user:ec2-user:rw /usr/bin/docker
Desired Behaviour
I'd like the permissions to be fixed, whether that means reinstalling Docker or just amending permissions.
If you want to avoid typing sudo whenever you run the docker command, add your username to the docker group:
sudo usermod -aG docker $(whoami)
You will need to log out of the Droplet and back in as the same user to enable this change.
If you need to add a user to the docker group that you’re not logged in as, declare that username explicitly using:
sudo usermod -aG docker username
I have an AWS ECS cluster defined with a service that uses Replica service type. It creates an EC2 isntance with a docker container. I can access it through browser and all this stuff...
The issue is that I have to connect through ssh to the EC2 instance and run:
sudo yum update -y
sudo yum install-y ruby
sudo yum install-y wget
cd /home/ec2-user
wget https://aws-codedeploy-eu-west-1.s3.eu-west-1.amazonaws.com/latest/install
chmod +x ./install
sudo ./install auto
It install codedeploy agent, so I can connect github to the instance and CI/CD code.
I would like to set up this automatically in every server that the ECS definition creates. For example if i stop the EC2 instance, the cluster raises a new EC2 instance, which doesn't have this agent...
I saw that I should configure your Amazon ECS container instance with user data, but first of all is that I am not able to find this option, and I am not quite sure if it runs into the EC2 isntance or in the docker itself.
Based on the comments.
The solution was to use Launch Template or Launch Configurations.
What I have noticed is whenever user-data commands are executed while executing a Cloudformation template to spin up an EC2, they are run via the root user. How can I change this behaviour so that the commands are run as ec2-user?
I tried doing a
sudo su ec2-user
to tackle this, but that apparently opens up another shell on the machine so doesn't really solve this use case.
sudo has the -u parameter that lets you choose the user. So you can use:
sudo -u ec2-user echo hello from ec2-user
I'm trying to install drupal on AWS ec2 instance by using terraform. I have created a script file in that I have defined docker installation and the s3 location of docker-compose.yml after that I run the docker-compose up -d command in the script. I called the script file in the user data everything is working fine on the new AWS ec2 instance except docker containers are not starting up.docker-compose file has downloaded to the instance but they were no containers actively running. If again I login into the instance and run the command then both drupal MySQL containers are starting and the drupal website is in an active state but the same command from the script is not working.
#! /bin/bash
sudo yum update -y
sudo yum install -y docker
sudo usermod -a -G docker ec2-user
sudo curl -L https://github.com/docker/compose/releases/download/1.21.0/docker-compose-`uname -s`-`uname -m` | sudo tee /usr/local/bin/docker-compose > /dev/null
sudo chmod +x /usr/local/bin/docker-compose
sudo service docker start
sudo chkconfig docker on
aws s3 cp s3://xxxxxx/docker-compose.yml /home/ec2-user/
docker-compose up -d
I had the same issue. Solved it with:
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
I am trying to install webgoat on AWS. I am following the instructions given on https://github.com/WebGoat/WebGoat
I can get it up and running on my local box. But when I try to deploy it on AWS it gives error and complains about Dockerfile and Dockerrun.aws.json.
I go to elastic beanstalk. Then I create an application (of docker type). It asks me for the code and I give it the zip file from github. After several minutes it gives errors about Dockerfile and Dockerrun.aws.json.
Webgoat has several Dockerfiles, but no Dockerrun.aws.json. I am not sure how to resolve this.
What is the best way to deploy webgoat in aws?
Will appreciate any help I can get.
Finally I was able to install it using the info provided on these two sources.
https://docs.aws.amazon.com/AmazonECS/latest/developerguide/docker-basics.html
and https://github.com/WebGoat/WebGoat
Here are the steps:
sudo yum update -y
sudo yum install -y docker
sudo service docker start
sudo usermod -a -G docker ec2-user (Restart the server)
sudo docker pull webgoat/webgoat-8.0
sudo docker run -p 80:8080 -it webgoat/webgoat-8.0 /home/webgoat/start.sh
Make sure to modify the security group associated with the aws instance to allow http traffic. After that you should be able to access the app with this url:
http://:80/WebGoat/login